[backend] add analysisPush, analysisClear and stixCoreObjectAnalysis …

…queries (OpenCTI-Platform#6803)

opencti-platform/opencti-front/lang/back/de.json

@@ -25,13 +25,16 @@
   "Algorithm": "Algorithmus",
   "Aliases": "Aliase",
   "Allowed markings": "Erlaubte Markierungen",
+  "Analysis content source": "Analyse der Inhaltsquelle",
+  "Analysis content type": "Analyse Inhaltstyp",
   "Analysis definition version": "Version der Analysedefinition",
   "Analysis end date": "Enddatum der Analyse",
   "Analysis ended": "Analyse beendet",
   "Analysis engine version": "Version des Analyseprogramms",
   "Analysis SCO": "Analyse SCO",
   "Analysis start date": "Startdatum der Analyse",
   "Analysis started": "Analyse gestartet",
+  "Analysis type": "Art der Analyse",
   "Applicant": "Antragsteller",
   "Architecture execution env.": "Architektur Ausführung env.",
   "Artifact content": "Artefaktinhalt",

opencti-platform/opencti-front/lang/back/en.json

@@ -25,13 +25,16 @@
   "Algorithm": "Algorithm",
   "Aliases": "Aliases",
   "Allowed markings": "Allowed markings",
+  "Analysis content source": "Analysis content source",
+  "Analysis content type": "Analysis content type",
   "Analysis definition version": "Analysis definition version",
   "Analysis end date": "Analysis end date",
   "Analysis ended": "Analysis ended",
   "Analysis engine version": "Analysis engine version",
   "Analysis SCO": "Analysis SCO",
   "Analysis start date": "Analysis start date",
   "Analysis started": "Analysis started",
+  "Analysis type": "Analysis type",
   "Applicant": "Applicant",
   "Architecture execution env.": "Architecture execution env.",
   "Artifact content": "Artifact content",

opencti-platform/opencti-front/lang/back/es.json

@@ -25,13 +25,16 @@
   "Algorithm": "Algoritmo",
   "Aliases": "Aliases",
   "Allowed markings": "Marcas permitidas",
+  "Analysis content source": "Fuente de contenido de análisis",
+  "Analysis content type": "Tipo de contenido de análisis",
   "Analysis definition version": "Versión de la definición de análisis",
   "Analysis end date": "Fecha final del análisis",
   "Analysis ended": "Análisis finalizado",
   "Analysis engine version": "Versión del motor de análisis",
   "Analysis SCO": "Análisis SCO",
   "Analysis start date": "Fecha de inicio del análisis",
   "Analysis started": "Análisis iniciado",
+  "Analysis type": "Tipo de análisis",
   "Applicant": "Solicitante",
   "Architecture execution env.": "Entorno de ejecución de la arquitectura",
   "Artifact content": "Contenido del artefacto",

opencti-platform/opencti-front/lang/back/fr.json

@@ -25,13 +25,16 @@
   "Algorithm": "Algorithme",
   "Aliases": "Alias",
   "Allowed markings": "Marquages autorisés",
+  "Analysis content source": "Source du contenu de l'analyse",
+  "Analysis content type": "Type de contenu d'analyse",
   "Analysis definition version": "Version de la définition de l'analyse",
   "Analysis end date": "Date de fin d'analyse",
   "Analysis ended": "Analyse terminée",
   "Analysis engine version": "Version du moteur d'analyse",
   "Analysis SCO": "Analyse SCO",
   "Analysis start date": "Date de début de l'analyse",
   "Analysis started": "Analyse commencée",
+  "Analysis type": "Type d'analyse",
   "Applicant": "Demandeur",
   "Architecture execution env.": "Architecture d'exécution env.",
   "Artifact content": "Contenu de l'artefact",

opencti-platform/opencti-front/lang/back/ja.json

@@ -25,13 +25,16 @@
   "Algorithm": "アルゴリズム",
   "Aliases": "エイリアス",
   "Allowed markings": "許可マーク",
+  "Analysis content source": "分析内容ソース",
+  "Analysis content type": "分析内容タイプ",
   "Analysis definition version": "提出日",
   "Analysis end date": "分析終了日",
   "Analysis ended": "結果名",
   "Analysis engine version": "分析定義バージョン",
   "Analysis SCO": "サンプル",
   "Analysis start date": "分析開始日",
   "Analysis started": "分析終了日",
+  "Analysis type": "分析タイプ",
   "Applicant": "申請者",
   "Architecture execution env.": "実装言語",
   "Artifact content": "人工物の内容",

opencti-platform/opencti-front/lang/back/zh.json

@@ -25,13 +25,16 @@
   "Algorithm": "算法",
   "Aliases": "别名",
   "Allowed markings": "允许的标记",
+  "Analysis content source": "分析内容来源",
+  "Analysis content type": "分析内容类型",
   "Analysis definition version": "分析定义版本",
   "Analysis end date": "分析结束日期",
   "Analysis ended": "分析结束",
   "Analysis engine version": "分析引擎版本",
   "Analysis SCO": "分析软件",
   "Analysis start date": "分析开始日期",
   "Analysis started": "分析开始",
+  "Analysis type": "分析类型",
   "Applicant": "申请人",
   "Architecture execution env.": "架构执行环境",
   "Artifact content": "工件内容",

opencti-platform/opencti-front/src/schema/relay.schema.graphql

@@ -850,6 +850,9 @@ type FileMetadata {
   description: String
   order: Int
   inCarousel: Boolean
+  analysis_content_source: String
+  analysis_content_type: String
+  analysis_type: String
 }
 
 type File {
@@ -7418,6 +7421,7 @@ type Query {
   killChainPhases(first: Int, after: ID, orderBy: KillChainPhasesOrdering, orderMode: OrderingMode, filters: FilterGroup, search: String): KillChainPhaseConnection
   stixCoreObjectRaw(id: String!): String
   stixCoreObject(id: String!): StixCoreObject
+  stixCoreObjectAnalysis(id: ID!, contentSource: String!, contentType: AnalysisContentType!): Analysis
   stixCoreObjects(first: Int, after: ID, types: [String], orderBy: StixCoreObjectsOrdering, orderMode: OrderingMode, filters: FilterGroup, search: String): StixCoreObjectConnection
   stixCoreObjectsRegardingOf(entityId: ID, relationshipTypes: [String], first: Int, after: ID, types: [String], orderBy: StixCoreObjectsOrdering, orderMode: OrderingMode, filters: FilterGroup, search: String): StixCoreObjectConnection
   globalSearch(first: Int, after: ID, search: String, types: [String], orderBy: StixCoreObjectsOrdering, orderMode: OrderingMode, filters: FilterGroup): StixCoreObjectConnection
@@ -7799,6 +7803,27 @@ enum AnalysisContentType {
   file
 }
 
+union Analysis = MappingAnalysis
+
+input MappingAnalysisInput {
+  mappedEntities: [MappedEntityInput]
+}
+
+type MappingAnalysis {
+  analysisType: String!
+  mappedEntities: [MappedEntity!]
+}
+
+input MappedEntityInput {
+  matchedString: String!
+  matchedEntityId: String!
+}
+
+type MappedEntity {
+  matchedString: String!
+  matchedEntity: StixCoreObject!
+}
+
 type StixCoreObjectEditMutations {
   delete: ID
   relationAdd(input: StixRefRelationshipAddInput!): StixRefRelationship
@@ -7807,10 +7832,12 @@ type StixCoreObjectEditMutations {
   restrictionOrganizationAdd(organizationId: ID!): StixCoreObject
   restrictionOrganizationDelete(organizationId: ID!): StixCoreObject
   askEnrichment(connectorId: ID!): Work
+  askAnalysis(contentSource: String!, contentType: AnalysisContentType!, connectorId: ID): Work
+  analysisPush(file: Upload!, contentSource: String!, contentType: AnalysisContentType!, analysisType: String!): File
+  analysisClear(contentSource: String!, contentType: AnalysisContentType!): Boolean
   importPush(file: Upload!, fileMarkings: [String], version: DateTime, noTriggerImport: Boolean): File
   exportAsk(input: ExportAskInput!): [File!]
   exportPush(file: Upload!): Boolean
-  askAnalysis(contentSource: String!, contentType: AnalysisContentType!, connectorId: ID): Work
 }
 
 input StixDomainObjectFileEditInput {

opencti-platform/opencti-graphql/config/schema/opencti.graphql

@@ -813,6 +813,9 @@ type FileMetadata {
   description: String
   order: Int
   inCarousel: Boolean
+  analysis_content_source: String
+  analysis_content_type: String
+  analysis_type: String
 }
 type File {
   id: ID!
@@ -11389,6 +11392,7 @@ type Query {
 
   stixCoreObjectRaw(id: String!): String @auth(for: [KNOWLEDGE])
   stixCoreObject(id: String!): StixCoreObject @auth(for: [KNOWLEDGE])
+  stixCoreObjectAnalysis(id: ID!, contentSource: String!, contentType: AnalysisContentType!): Analysis @auth(for: [KNOWLEDGE])
   stixCoreObjects(
     first: Int
     after: ID
@@ -12445,6 +12449,32 @@ enum AnalysisContentType {
   file
 }
 
+enum AnalysisContentType {
+  fields
+  file
+}
+
+union Analysis = MappingAnalysis
+
+input MappingAnalysisInput {
+  mappedEntities: [MappedEntityInput]
+}
+
+type MappingAnalysis {
+  analysisType: String!
+  mappedEntities: [MappedEntity!]
+}
+
+input MappedEntityInput {
+  matchedString: String!
+  matchedEntityId: String!
+}
+
+type MappedEntity {
+  matchedString: String!
+  matchedEntity: StixCoreObject!
+}
+
 type StixCoreObjectEditMutations {
   delete: ID @auth(for: [KNOWLEDGE_KNUPDATE_KNDELETE])
   relationAdd(input: StixRefRelationshipAddInput!): StixRefRelationship
@@ -12453,10 +12483,12 @@ type StixCoreObjectEditMutations {
   restrictionOrganizationAdd(organizationId: ID!): StixCoreObject @auth(for: [KNOWLEDGE_KNUPDATE_KNORGARESTRICT])
   restrictionOrganizationDelete(organizationId: ID!): StixCoreObject @auth(for: [KNOWLEDGE_KNUPDATE_KNORGARESTRICT])
   askEnrichment(connectorId: ID!): Work @auth(for: [KNOWLEDGE_KNENRICHMENT])
+  askAnalysis(contentSource: String!, contentType: AnalysisContentType!, connectorId: ID): Work @auth(for: [KNOWLEDGE_KNUPDATE])
+  analysisPush(file: Upload!, contentSource: String!, contentType: AnalysisContentType!, analysisType: String!): File @auth(for: [CONNECTORAPI])
+  analysisClear(contentSource: String!, contentType: AnalysisContentType!): Boolean @auth(for: [KNOWLEDGE_KNUPDATE])
   importPush(file: Upload!, fileMarkings: [String], version: DateTime, noTriggerImport: Boolean): File @auth(for: [KNOWLEDGE_KNUPLOAD])
   exportAsk(input: ExportAskInput!): [File!]  @auth(for: [KNOWLEDGE_KNGETEXPORT_KNASKEXPORT])
   exportPush(file: Upload!): Boolean @auth(for: [CONNECTORAPI])
-  askAnalysis(contentSource: String!, contentType: AnalysisContentType!, connectorId: ID): Work @auth(for: [KNOWLEDGE_KNUPDATE])
 }
 
 ######## STIX DOMAIN OBJECT ENTITIES